From 17804359e3b0e6e56636b1ef6b580cf10b1d7c94 Mon Sep 17 00:00:00 2001 From: "A.J. Stein" Date: Wed, 7 Aug 2024 09:24:26 -0400 Subject: [PATCH] Use header instead of resolved key manifest for #275 --- draft-ietf-scitt-architecture.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-ietf-scitt-architecture.md b/draft-ietf-scitt-architecture.md index 6190a32d..78d84739 100644 --- a/draft-ietf-scitt-architecture.md +++ b/draft-ietf-scitt-architecture.md @@ -485,7 +485,7 @@ Issuers and Relying Parties must be able to recognize the Artifact to which the The `iss` and `sub` Claims, within the CWT_Claims protected header, are used to identify the Artifact the Statement pertains to. (See Subject under {{terminology}} Terminology.) -Issuers MAY use different signing keys (identified by `kid` in the resolved key manifest) for different Artifacts, or sign all Signed Statements under the same key. +Issuers MAY use different signing keys (identified by `kid` in the protected header) for different Artifacts, or sign all Signed Statements under the same key. An Issuer can make multiple Statements about the same Artifact. For example, an Issuer can make amended Statements about the same Artifact as their view changes over time.